Recent developments in Machine-to-Machine (M2M) applications has given rise to the possibility of having a universal integrated circuit card (UICC) that is embedded in a communication device in such a way that the UICC is not easily accessible or replaceable. The ability to change network subscriptions on such devices becomes problematic, thus necessitating mechanisms for securely and remotely provisioning access credentials on these embedded UICCs (eUICC) and managing subscription changes from one network operator to another. These mechanisms shall take into account that the change of subscription may involve provisioning of a new eUICC network access application as well as operator specific applications. Any changes must preserve the industry and end-user benefits that the non-embedded UICC provides today for GSM, 3GPP, 3GPP2 and other systems employing it, particularly in terms of security, flexibility in business relationships, logistics, and end-user experience.